...
MIDPOINT_HOME="/var/opt/midpoint/"
JAVA_OPTS="$JAVA_OPTS -Dmidpoint.home=$MIDPOINT_HOME -Djavax.net.ssl.trustStore=$MIDPOINT_HOME/keystore.jceks -Djavax.net.ssl.trustStoreType=jceks -server -Xms512m -Xmx2048m"
export MIDPOINT_HOME JAVA_OPTS
...
Deploying MidPoint as Web Application
Deprecated
This functionality is deprecated.
The functionality is still supported and maintained, but it will no longer be extended.
The plan is to remove this functionality sooner or later.
Users of this functionality are strongly encouraged to stop using this functionality and migrate to a newer equivalent.
|
Introduction
This page describes the steps required to install midPoint Identity and Access Management from a binary distribution.
MidPoint is a Java web application.
MidPoint primary deployment model is a stand-alone deployment based on Spring Boot.
However there is an alternative form of WAR
archive.
All that is essentially needed is to deploy it in a suitable container.
This guide provides instructions to install midPoint in Apache Tomcat.
Starting from midPoint 3.7 the WAR deployment model is just an alternative way to deploy and run midPoint. However, the stand-alone deployment model is now the primary and recommended one. The explicit deployment to a web container is deprecated. The support may be removed soon. Therefore, existing deployments that use this approach are advised to migrate to stand-alone deployment as soon as possible. |
Before You Start
There are few things to check before you start the installation:
-
Make sure to see Release Notes for list of environments that are known to work and for the list of known issues in current release.
-
Make sure the System Requirements are met.
-
Make sure you are using a supported version of midPoint. When in doubt, use the latest midPoint release (4.9)
Prerequisites
MidPoint is a Java application, therefore it requires Java platform to run on. Java 11 is a required platform for MidPoint 4.9. Java platform distributions based on OpenJDK are recommended. Other JDK builds (e.g. Oracle) may work as well, but those have limited support for midPoint (see release notes for the details).
JAVA_HOME
environment variable should point to the Java installation path.
Apache Tomcat
MidPoint needs an application server. Apache Tomcat 9.x is the only supported application server.
Apache Tomcat can be downloaded from http://tomcat.apache.org/download-90.cgi.
The Apache Tomcat installation directory is further referenced as <tomcat>
.
In windows platform prefer downloading of zip file to downloading of windows installer as later do not populate bin directory with all batch files.
You will start tomcat server via running the startup.bat file from <tomcat>\bin
directory.
Download
Download the midPoint binary release according to the following table:
MidPoint 4.9 Binary Distribution |
https://evolveum.com/downloads/midpoint/4.9/midpoint-4.9-dist.zip |
Unpack the archive file to a convenient location. Following instructions will refer to the relative paths inside this archive.
Installation
MidPoint Home Directory (midpoint.home)
If you intend to use custom connectors or schemas you need to create a directory anywhere on your system. This directory will be used to store your custom connector code, schemas, initial configuration and may also contains other files. MidPoint will populate that directory on first start. The directory will not be overwritten when midPoint is restarted or redeployed.
If you don’t want to use custom connectors or you want just to try midPoint, you can skip this chapter and continue to the Initialize Database section.
Create the Directory
You can create your custom directory anywhere in your system.
We often use locations such as /opt/midpoint
or /var/opt/midpoint
on linux platforms and c:\midpoint
directory on windows platforms.
The directory has to be writable by the application server.
See MidPoint Home Directory page for a description of the directory structure.
Tomcat "setenv.sh/setenv.bat" Customization
To actually use the Custom Directory, modify the setenv.sh
script (UNIX) or setenv.bat
batch file (Windows) located in <tomcat>/bin.
If this file does not exist then create a new file.
Set the "JAVA_OPTS" variable in this file.
On UNIX machines add the line:
On windows platforms, add line:
...
set JAVA_OPTS=%JAVA_OPTS% -Dmidpoint.home=c:/midpoint -Djavax.net.ssl.trustStore=c:/midpoint/keystore.jceks -Djavax.net.ssl.trustStoreType=jceks -server -Xms512m -Xmx2048m
...
This line sets up MidPoint Home Directory location, memory options and truststore location. It also overrides default JVM keystore. This is needed for proper SSL support in connectors, notifications and other libraries that are not under direct midPoint control. See Keystore Configuration page for more details.
Configure Tomcat
Tomcat has a limitation of maximum size of POST data it accepts.
This can cause problems when editing or importing large objects.
So it is advisable to raise (or eliminate) the limit by editing the server.xml
file, e.g.:
<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" maxPostSize="100000000"/>
or
<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" maxPostSize="-1"/>
Initialize Database
MidPoint has to store its own data in a database, which we call repository. MidPoint stores all the data there: users, roles, shadow objects representing accounts, configuration, everything.
MidPoint needs PostgreSQL database engine to do that. PostgreSQL is leading open source relational database engine. Since midPoint 4.4, midPoint can use features specific to PostgreSQL to its advantage (using native PostgreSQL repository implementation).
MidPoint also has support for other database engines. However, since midPoint 4.4, such support is deprecated. Do not use other database engines unless there are historic reasons, and you have a sound plan for migration to PostgreSQL.
The Repository Configuration page provides the instructions.
Deploy midPoint
MidPoint appliation is deployed by using the midpoint.war
file located in the war
subdirectory of the distribution archive.
To deploy midPoint WAR file, use the following steps:
-
Stop Tomcat if it’s already running.
-
Copy
midpoint.war
to<tomcat>/webapps directory
. -
Start Tomcat. It should pick up and deploy the "midpoint" application.
Post-Installation Steps
Test midPoint administration GUI
Log in to the midPoint administration console using the following URL:
Username | administrator |
---|---|
Password |
5ecr3t |
A home page of the midPoint console should be displayed. This is a pretty dynamic web application using AJAX for better user interaction. The look&feel is quite minimalistic now, we are working on an improvement just now.
If there is a problem, please check Tomcat logs in <tomcat>/log/catalina.out
and <tomcat>/log/idm.log
.